package com.bitcola.security.me.dun;

import com.alibaba.fastjson.JSONObject;
import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.List;

/**
 * @author David.Li
 * @version 1.0
 * @create 2019-12-02 4:26 下午
 **/
public class Vaptcha {

    // 验证单元key
    private String SecretKey = "7ac02cf91c334fcea63764bfc1377bac";
    // 验证单元id
    private String Vid = "5de4b975f2831a66e4110373";
    // 场景值
    private String Scene = "0";


    /**
     * 二次验证
     *
     * @param token mode(7)+knock(32)+uuid(32)
     */
    public SecondVerify verify(HttpServletRequest request, String token) {
        if (token.length() < 7) {
            return new SecondVerify(Constant.VerifyFail, "验证失败", 0);
        }
        // 根据token前7位判断验证模式
        String mode = token.substring(0, 7);
        if (Constant.OfflineMode.equals(mode)) {
            // 离线模式
            // token 中间32位为knock
            String knock = token.substring(7, 39);
            HttpSession session = request.getSession();
            // 根据截取出来的knock从session中获取token
            String sessionToken = (String) session.getAttribute(knock);
            SecondVerify secondVerify = OfflineVerify(token, sessionToken);
            // 二次验证成功则从session中移除
            if (secondVerify.getSuccess() == Constant.VerifySuccess) {
                session.removeAttribute(knock);
            }
            return secondVerify;
        } else {
            // 正常模式
            String ipAddress = Common.GetIpAddress(request);
            return Verify(ipAddress, token);
        }
    }

    /**
     * 正常模式二次校验
     *
     * @param token 前端回传token
     * @param ip    用户ip
     */
    private SecondVerify Verify(String ip, String token) {
        List<NameValuePair> parametersBody = new ArrayList<>();
        parametersBody.add(new BasicNameValuePair("id", this.Vid));
        parametersBody.add(new BasicNameValuePair("secretkey", this.SecretKey));
        parametersBody.add(new BasicNameValuePair("scene", this.Scene));
        parametersBody.add(new BasicNameValuePair("ip", ip));
        parametersBody.add(new BasicNameValuePair("token", token));
        try {
            String result = HttpClientUtil.postForm(Constant.VerifyUrl, parametersBody);

            return JSONObject.parseObject(result, SecondVerify.class);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return new SecondVerify();
    }

    /**
     * 离线模式二次校验
     *
     * @param reqToken     前端请求的token offline(7)+knock(32)+uuid(32)
     * @param sessionToken 后端session中存的token uuid(32)
     */
    private SecondVerify OfflineVerify(String reqToken, String sessionToken) {
        if (reqToken == null || "".equals(reqToken) || sessionToken == null || "".equals(sessionToken)) {
            return new SecondVerify(Constant.VerifyFail, "验证失败", 0);
        }

        String uid = reqToken.substring(39);
        if (uid.equals(sessionToken)) {
            return new SecondVerify(Constant.VerifySuccess, "验证通过", 100);
        } else {
            return new SecondVerify(Constant.VerifyFail, "验证失败", 0);
        }
    }
}
